This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNS forwarding - best practice????

Hi all,

I am currently running an AD Domain that DNS is non-recursive. I have set up forwarders in DNS that forwards to my Astaro box which in turn forwards to OpenDNS.

I am wondering if this is considered best practice or should I set my DNS Servers to forward direct to OpenDNS and set up an allow rule?

What do you all think? I am not the best with DNS!

I would appreciate any comments on how the get the FASTEST performance!!

Thanks very much - Ray

This thread was automatically locked due to age.

0 Val over 18 years ago

Good practice. Proxy all possible protocols at the boundry.

OpenDNS is a good choice, too.

Colin
Cancel
Vote Up 0 Vote Down

Cancel
0 RufusToofus over 18 years ago in reply to Val

Good practice. Proxy all possible protocols at the boundry.

OpenDNS is a good choice, too.

Colin

Yes Internal DNS should do LOCAL resolution and FORWARD external request to ASG, think security .. if ONLY the WIN/AD box goes out on UDP Port 53, you then can lock down DNS request from clients .. a HACK scenario is to compromise a PC to use false DNS lookups to a bogus site etc .. the DNS proxy is a security process not just a convienence.. so YES a good setup !
Cancel
Vote Up 0 Vote Down

Cancel
0 RockinRay over 18 years ago in reply to RufusToofus

Thanks very much! I am glad I did it right the first time...

Using 4.2.2.1, 4.2.2.2, and OpenDNS ROCKS! Quick resolve.

I appreciate the quick advice!

Ray
Cancel
Vote Up 0 Vote Down

Cancel